4530 matches found
Microsoft SQL Server vulnerable to buffer overflow
Overview Microsoft SQL Server contains a buffer overflow vulnerability. A local attacker could leverage this vulnerability to gain elevated privileges and/or execute arbitrary code. Description Quoting from Microsoft Security Bulletin MS03-031:A flaw exists in a specific Windows function that may...
MS03-031: Cumulative Patch for MS SQL Server (815495)
The remote Microsoft SQL server is vulnerable to several flaws : - Named pipe hijacking - Named Pipe Denial of Service - SQL server buffer overrun These flaws could allow a user to gain elevated privileges on this host. C Tenable Network Security, Inc. include"compat.inc"; if description...
Microsoft SQL Server 7.02000 MSDE - Named Pipe Denial of Service (MS03-031)
Microsoft SQL Server 7.02000 MSDE - Named Pipe Denial of Service MS03-031 source: https://www.securityfocus.com/bid/8274/info Microsoft SQL Server and the Microsoft Data Engine have been reported prone to a denial of service attack. Any local or remote user, who can authenticate and is part of th...
Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service (MS03-031)
source: https://www.securityfocus.com/bid/8274/info Microsoft SQL Server and the Microsoft Data Engine have been reported prone to a denial of service attack. Any local or remote user, who can authenticate and is part of the Everyone Group, may trigger a denial of service condition in an affected...
CVE-2003-0496
Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xpfileexist extended stored procedure with a named pipe as an argument instead of a normal file...
CVE-2003-0496
CVE-2003-0496: Affected software is Microsoft SQL Server on Windows 2000 prior to SP4. By passing a named pipe as an argument to xp_fileexist, a local attacker can impersonate the SQL Server service account due to CreateFile/Named Pipe behavior. Impact is local privilege escalation to the SQL Ser...
Pipe Filename Local Privilege Escalation FAQ
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We have received several inquiries regarding the advisory, "Named Pipe Filename Local Privilege Escalation" that was published by @stake on 07/08/2003. These answers should clarify where the vulnerability actually lies so customers can make informed...
Named Pipe Filename Local Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Named Pipe Filename Local Privilege Escalation Release Date: 07/08/2003 Application: Microsoft SQL Server Platform: Windows NT/2000/XP Severity: Local privilege escalation Author: Andreas...
Snitz Forums 2000 - register.asp SQL Injection
Snitz Forums 2000 - register.asp SQL Injection source: https://www.securityfocus.com/bid/7549/info Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz is back-ended by a database and supports Microsoft Access 97/2000, SQL Server 6.5/7.0/2000 an...
Snitz Forums 2000 - 'register.asp' SQL Injection
source: https://www.securityfocus.com/bid/7549/info Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz is back-ended by a database and supports Microsoft Access 97/2000, SQL Server 6.5/7.0/2000 and MySQL. It is possible for a remote attacker t...
Microsoft SQL Server 7.02000 JET Database Engine 4.0 - Buffer Overrun
Microsoft SQL Server 7.02000 JET Database Engine 4.0 - Buffer Overrun source: https://www.securityfocus.com/bid/7541/info Microsoft SQL Server is prone to an exploitable buffer overrun vulnerability via the Jet Database Engine. This can occur while the JET 4.0 OLE DB data provider is querying dat...
Microsoft SQL Server 7.0/2000 JET Database Engine 4.0 - Buffer Overrun
source: https://www.securityfocus.com/bid/7541/info Microsoft SQL Server is prone to an exploitable buffer overrun vulnerability via the Jet Database Engine. This can occur while the JET 4.0 OLE DB data provider is querying data supplied via a remote source and is due to insufficient bounds...
CVE-2002-0187
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."...
CVE-2002-0650
The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service bandwidth consumption via a "ping" style packet to the Resolution Service UDP port 1434 with a spoofed IP address of another SQL Server system, which causes the two servers to exchange...
CVE-2002-0700
Buffer overflow in a system function that performs user authentication for Microsoft Content Management Server MCMS 2001 allows attackers to execute code in the Local System context by authenticating to a web page that calls the function, aka "Unchecked Buffer in MDAC Function Could Enable SQL...
CVE-2002-0859
CVE-2002-0859 describes a buffer overflow in the OpenDataSource function of the Jet engine used by Microsoft SQL Server 2000. The vulnerability permits remote attackers to execute arbitrary code, affecting the system via the Jet engine component. The available records indicate the issue arises fr...
CVE-2002-0695
CVE-2002-0695 describes a buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5–2.7, affecting SQL Server 7.0 or 2000. The underlying issue is a buffer overflow in the OpenRowSet path that could allow a remote attacker to execute arbitrary...
CVE-2002-0186
Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code via data queries with a long content-type parameter, aka "Unchecked Buffer in SQLXML ISAPI Extension."...
CVE-2002-0642
CVE-2002-0642 corresponds to an elevation-of-privilege issue in Microsoft SQL Server 2000 and MSDE 2000 caused by insecure permissions on the registry key that stores the SQL Server service account. The OpenVAS/SECURITYVULNS entries corroborate a privilege-escalation risk tied to the SQL Server s...
CVE-2002-0859
Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code...